Electrical computers and digital processing systems: support – Multiple computer communication using cryptography – Protection at a particular protocol layer
Reexamination Certificate
1999-05-19
2004-02-17
Hua, Ly V. (Department: 2131)
Electrical computers and digital processing systems: support
Multiple computer communication using cryptography
Protection at a particular protocol layer
C713S152000, C707S793000, C707S793000
Reexamination Certificate
active
06694436
ABSTRACT:
BACKGROUND OF THE INVENTION
1. Field of the Invention
The present invention concerns a terminal and a system for performing secure electronic transactions.
2. Description of the Related Art
Public digital data transmission networks, such as the Internet, are expanding at a considerable: rate. However, the performing of secure electronic transfers on this type of network is currently being hampered, among other things, by the lack of security mechanisms associated with such transactions, reflected in a lack of confidence on the part of network users and operators.
In the context of this application:
an electronic transaction designates an exchange of information via a public digital data transmission or telecommunication network, either between two or more users or between a user and a service provider,
a function is a process carried out in order to render a service to a user,
an application designates a consistent set of services and functions,
the expression “application software” designates the software needed to perform the functions relating to a given application, and
a secure transaction is a transaction for which security measures are implemented, namely authentication of the entities participating in the transaction, integrity, confidentiality, authenticity and possibly non-repudiation of exchanges and operations effected in the context of the transaction.
Many applications require secure electronic transactions. Examples are controlling access to computer or similar resources, home banking (statements, transfers between accounts, etc . . . via the telephone network or the Internet), electronic trading (purchase of goods or services via a public network), electronic mail, electronic purse, etc.
These and other applications requiring secure transactions are well known to the skilled person and are not described in detail here.
Depending on their nature, rendering such applications secure necessitates the use of one or more security services such as:
authentication, to guarantee the identity of an entity (a person or a system);
access control, protecting against unauthorised use or manipulation of resources;
confidentiality, prohibiting disclosure of data to unauthorised entities;
data integrity, which assures that data has not been modified, deleted or substituted without authorisation, and
non-repudiation, which assures that a participant in an exchange of data cannot subsequently deny the existence of the exchange.
The combination of two existing techniques makes it feasible to employ the above security services, so offering a sufficient level of security for the performance of electronic transactions.
These are:
public key and private key cryptography, because it guarantees non-repudiation and facilitates management of keys; and
the integrated circuit (or smart) card, because it is relatively inexpensive, easy to use and reliable because it uses dedicated microprocessors with hardware and software protection features so that read and write mode access to their memory can be barred.
Integrated circuit cards offer the following services:
authentication of the cardholder or user: this operation authenticates the cardholder by means of a confidential code after which the card allows operations such as executing algorithms, reading secret keys, reading or writing data on the card, which can also be subject to other security conditions;
protection of data and functions stored on the integrated circuit card. Access to the card can be subject to prior authentication of the electronic entity requesting to access it. This external authentication is generally effected in challenge/response mode. In this case the entity has a secret parameter, hereinafter also called the secret, enabling it to calculate, depending on a challenge issued by the card, a response that will prove to the card that it is in possession of the secret;
execution of cryptographic algorithms using a secret parameter stored on the card (encipherment, message authentication, signature); and
internal authentication. This service enables an application to authenticate the card. This service is the inverse of external authentication. The card generates a response to a challenge received, using a secret stored on the card.
The services offered by means of the integrated circuit card are performed on receipt of so-called elementary commands, execution of the elementary command causing the sending of elementary responses. The elementary commands concern, for example, cryptographic calculations, reading or writing of secret or other data, intervention of the user (entry of their personal confidential code (PIN), validation of a transaction after signature), and return of information to the user (display of messages to be signed, for example).
Some cards offer the facility to verify the integrity, source and even the confidentiality of commands sent to the card. These services are based on techniques of authenticating and enciphering the commands.
The current use of integrated circuit (or microcircuit) cards offers a very high level of security because the transactions are essentially performed on private networks and terminals (automatic teller machines, point of sale terminals, for example) which are under the control of an entity assuring the security of the system as a whole.
In such applications, users or abusers do not have access to the application software or to the hardware and software security mechanisms of the terminals.
In contrast, performing secure transactions using integrated circuit cards on a public network presupposes that users have access to a card reader terminal module, given that microcircuit cards do not have their own electrical power supply and that using them requires a reader that can power them up and establish communication with the user and/or external electronic means.
At present, to perform a transaction on a public network, the user employs a terminal that can be a dedicated product, a personal computer or a personal computer connected to an integrated circuit card by a card reader.
In all cases, the transaction system accessible to the user generally comprises:
an application service provider, for example an Internet browser, an electronic mail program, a home banking program,
a high-level security service provider enabling execution of low-level cryptographic mechanisms required by the application.
The application service provider issues requests for high-level security services to assure the security of the transactions performed.
If the application is installed on the user's personal computer, the cryptographic services referred to are, for example, those defined by RSA laboratories in its standard “PKCS 11: Cryptographic Token Interface Standard” or the cryptographic services offered by the Microsoft Windows NT operating system, in particular those available via the “Crypto API” application program interface (API).
If the user does not have an integral microcircuit card reader, the cryptographic services are effected entirely by software.
If the user wishes to enhance security, they use a transparent type integrated circuit card reader connected to their computer. A transparent type card reader is in fact an interface module between the computer and the integrated circuit card for transmitting elementary commands from the computer, originating from the cryptographic service provider, to the card, and elementary responses from the card to the computer. Using this terminal, consisting of their terminal module−computer+reader−coupled to their card, a user can perform electronic transactions (electronic shopping, for example).
Of course, access of users to a terminal of this kind generates potential security risks.
The more decentralised the applications the greater the risk. Conversely, the better the control of the risks at the terminal end, the more decentralised can the applications be. Consider purse type applications, for example, in which transactions (purchaser card debit/merchant card credit) are effected card-to-card, without requiring consolidati
Activcard
Hua Ly V.
Stevens Davis Miller & Mosher LLP
LandOfFree
Terminal and system for performing secure electronic... does not yet have a rating. At this time, there are no reviews or comments for this patent.
If you have personal experience with Terminal and system for performing secure electronic..., we encourage you to share that experience with our LandOfFree.com community. Your opinion is very important and Terminal and system for performing secure electronic... will most certainly appreciate the feedback.
Profile ID: LFUS-PAI-O-3287188